← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #75727

[Bug 1803499] [NEW] FWaaS-When setting the protocol to any firewall rule, the error is not in line with expectations.

  Thread PreviousDate PreviousThread Next 
Public bug reported:

version : pike

question one

create a firewall rule with neutron-CLI:
    neutron firewall-rule-create --protocol any --source-port 1234 --action deny

Expectation error:
Source/destination port requires a protocol.

Actual error:
Source, destination port are not allowed when protocol is set to ICMP.


question two:

we can not craete a firewall rule like this:
    neutron firewall-rule-create --protocol icmp --source-port 1234 --action deny

but, we can do this in another way:
    neutron firewall-rule-create --protocol tcp --source-port 1234 --action deny
    neutron firewall-rule-update --protocol icmp firewall_rule_id
    neutron firewall-rule-show firewall_rule_id

** Affects: neutron
     Importance: Undecided
     Assignee: Chengqian Liu (liuchengqian90)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => Chengqian Liu (liuchengqian90)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1803499

Title:
  FWaaS-When setting the protocol to any firewall rule, the error is not
  in line with expectations.

Status in neutron:
  New

Bug description:
  version : pike

  question one

  create a firewall rule with neutron-CLI:
      neutron firewall-rule-create --protocol any --source-port 1234 --action deny

  Expectation error:
  Source/destination port requires a protocol.

  Actual error:
  Source, destination port are not allowed when protocol is set to ICMP.

  
  question two:

  we can not craete a firewall rule like this:
      neutron firewall-rule-create --protocol icmp --source-port 1234 --action deny

  but, we can do this in another way:
      neutron firewall-rule-create --protocol tcp --source-port 1234 --action deny
      neutron firewall-rule-update --protocol icmp firewall_rule_id
      neutron firewall-rule-show firewall_rule_id

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1803499/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next